Internal Auditors

Many internal audit shops consist of a small number of internal auditors who are run off their feet attempting to audit all the head office areas, and branches of a Company that can be scattered across the country over even the world.

In most cases, the computers are treated as a black box, similar to the external auditor’s approach, as there are not the requisite skills on board to enable Internal Audit to address this function. Very often the internal auditors do not have the time or the capacity to even be able to validate the controls surrounding the data entering the computer and the information coming out.

InfoTechAudit cc is able to supply medium and smaller companies, who may be unable to afford the cost of employing a full-time qualified IT Auditor, the assurance that they are adhering to various pieces of legislation, as well as the requirements laid down in the King II Report. Why not contract IT Audit out to a specialist firm that deals solely in this field. This provides can provide a company with many advantages:

It reduces the pressure on internal audit department to attempt to audit into an environment that they are not qualified for.

  • The IT audits will be at a detailed level, and will be able to give their Executive a value added service by identifying controls that are inadequate.


Furthermore, it will provide the Company with the facility of IT Risk assessments that will identify the IT weaknesses that are inherent in the business, “it is better than closing the door after the horse has bolted”.
Furthermore should the Company identify (as risk assessments are only facilitated by InfoTechAudit cc) that certain documentation such as policies, standards, disaster recovery, business continuity need to be put in place. InfoTechAudit is able to provide this service AT THE COST OF NOT BEING ABLE TO AUDIT THE SAID COMPANY UNTIL THEY HAVE BEEN RE-AUDITED BY EXTERNAL AUDITOR again. This is to ensure that complete independence is maintained.


This approach enables the company to control its overheads that would come with employing an IT auditor full time, yet provides the Executive/Directors with comfort that their IT systems are well managed and proper controls are in place.

Having your IT environment can also have further positive spin-offs as areas of over-control and duplication may be identified and therefore the Company’s bottom line can be enhanced.